为什么在Windows上使用Mechanize无法访问SSL站点,而在Mac上却可以工作? [英] Why does accessing a SSL site with Mechanize on Windows fail, but on Mac work?
问题描述
这是我用来连接到SSL站点的代码.
This is the code I'm using to connect to the SSL site.
require 'mechanize'
a = Mechanize.new
page = a.get 'https://site.com'
我正在使用Ruby 1.9.3和Mechanize 2.1pre1 +依赖项.在Mac上,上述代码有效并返回页面.在运行相同版本的Windows 7上,它给我以下错误:
I"m using using Ruby 1.9.3 and Mechanize 2.1pre1 + dependencies. On Mac the above code works and returns the page. On windows 7 running the same versions it gives me the following error:
OpenSSL::SSL::SSLError: SSL_connect returned=1 errno=0 state=SSLv3
read server certificate B: certificate verify failed
恢复到机械化2.0.1似乎可以解决此问题,但是随后我困扰于too many connections reset by peer问题.因此,这不是解决方案.
Reverting to Mechanize 2.0.1 seems to solve this problem, but I then get plagued with the too many connections reset by peer problem. Thus that is not a solution.
我尝试做a.verify_mode = false,但是什么也没做.我已经读到您可以使用以下方法关闭SSL验证:
I've tried doing a.verify_mode = false, but that does not do anything. I have read that you can turn off SSL verification by using:
open(uri,:ssl_verify_mode => OpenSSL::SSL::VERIFY_NONE)
如何在Mechanize中将其关闭?为什么我只在Windows上出现此错误?
How can I turn it off in Mechanize ? Why am I only getting this error on Windows ?
推荐答案
OpenSSL的版本(用于与Net::HTTPS建立安全连接的库)无法在您的计算机中正确找到证书链.
The version of OpenSSL (the library used to establish secure connections with Net::HTTPS) is not able to properly find the certificate chain in your computer.
不幸的是,OpenSSL从未能够使用Windows安装的证书存储来验证远程服务器,因此失败了.
To our bad, OpenSSL was never able to use the Windows installed cert storage to validate remote servers so is failing because of that.
从您的示例中,您可以执行以下操作:
From your example, you can do:
a.agent.http.verify_mode = OpenSSL::SSL::VERIFY_NONE
为避免进行验证,但这远非理想(由于明显的安全问题)
To avoid the verification, however that is far from ideal (due clear security issues)
我建议您下载一些证书捆绑包(例如curl中的证书捆绑包):
I recommend you download some cert bundles (like the ones from curl):
然后将您的代码修改为以下内容:
And modify your code to something like this:
require "rbconfig"
require "mechanize"
a = Mechanize.new
# conditionally set certificate under Windows
# http://blog.emptyway.com/2009/11/03/proper-way-to-detect-windows-platform-in-ruby/
if RbConfig::CONFIG["host_os"] =~ /mingw|mswin/
# http://curl.haxx.se/ca
ca_path = File.expand_path "~/Tools/bin/curl-ca-bundle.crt"
a.agent.http.ca_file = ca_path
end
page = a.get "https://github.com/"
这似乎可行,Ruby 1.9.3-p0(i386-mingw32),Windows 7 x64和机械化2.1.pre.1
That seems to work, Ruby 1.9.3-p0 (i386-mingw32), Windows 7 x64 and mechanize 2.1.pre.1
希望有帮助.
这篇关于为什么在Windows上使用Mechanize无法访问SSL站点,而在Mac上却可以工作?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
